From owner-freebsd-security Mon Jul 10 18:07:29 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id SAA28665 for security-outgoing; Mon, 10 Jul 1995 18:07:29 -0700 Received: from netcom7.netcom.com (cove@netcom7.netcom.com [192.100.81.115]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id SAA28659 for ; Mon, 10 Jul 1995 18:07:28 -0700 Received: by netcom7.netcom.com (8.6.12/Netcom) id SAA17043; Mon, 10 Jul 1995 18:06:10 -0700 From: cove@netcom.com (Cove Schneider) Message-Id: <199507110106.SAA17043@netcom7.netcom.com> Subject: Re: Restricted shell? To: bmk@dtr.com (Brant Katkansky) Date: Mon, 10 Jul 1995 18:06:10 -0700 (PDT) Cc: security@freebsd.org In-Reply-To: <199507101941.MAA09406@everest> from "Brant Katkansky" at Jul 10, 95 12:41:03 pm X-Mailer: ELM [version 2.4 PL23] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 718 Sender: security-owner@freebsd.org Precedence: bulk > > Is there a restricted shell available for FreeBSD 2.0.5R? > Yes there is -- I guess you got Nate's reply. In any event I thought I'd just mention a few words of caution.. A common mistake by many ISPs, schools etc. is to let people use unmodified versions of more, elm and pine -- I'm sure the list goes on. If a user can make it to vi, he or she is home free.. Remember you can change enviormental vars. in vi.. I'm sure this isn't the only editor that can do this, but watch out for programs that have this ability in reguars to a restricted shell.. I'm sure you alredy know to check know your software though.. Good luck.. -- Cove Schneider cove@netcom.com